cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-11-04 04:32:24 -05:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'mbedtls-1.3' into development

Browse Source 
* mbedtls-1.3:
  Add missing depends in x509 programs
  Simplify ifdef checks in programs/x509
  Fix thread safety issue in RSA operations
  Add test certificate for bitstring in DN
  Add support for X.520 uniqueIdentifier
  Accept bitstrings in X.509 names
This commit is contained in:
Manuel Pégourié-Gonnard 2015-03-31 17:56:15 +02:00
commit 26c9f90cae
12 changed files with 143 additions and 81 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ChangeLog
View File

@ -62,6 +62,8 @@ Changes
Security Security
Features Features
* Add support for bit strings in X.509 names (request by Fredrik Axelsson).
* Add support for id-at-uniqueIdentifier in X.509 names.
* Add support for overriding snprintf() (except on Windows) and exit() in * Add support for overriding snprintf() (except on Windows) and exit() in
the platform layer. the platform layer.
* Add an option to use macros instead of function pointers in the platform * Add an option to use macros instead of function pointers in the platform
@ -80,6 +82,7 @@ Features
errors on use of deprecated functions. errors on use of deprecated functions.
Bugfix Bugfix
* Fix thread safety bug in RSA operations (found by Fredrik Axelsson).
* Fix hardclock() (only used in the benchmarking program) with some * Fix hardclock() (only used in the benchmarking program) with some
versions of mingw64 (found by kxjhlele). versions of mingw64 (found by kxjhlele).
* Fix warnings from mingw64 in timing.c (found by kxjklele). * Fix warnings from mingw64 in timing.c (found by kxjklele).
@ -90,6 +93,8 @@ Bugfix
POLARSSL_SSL_SSESSION_TICKETS where both enabled in config.h (introduced POLARSSL_SSL_SSESSION_TICKETS where both enabled in config.h (introduced
in 1.3.10). in 1.3.10).
* Add missing extern "C" guard in aesni.h (reported by amir zamani). * Add missing extern "C" guard in aesni.h (reported by amir zamani).
* Add missing dependency on SHA-256 in some x509 programs (reported by
Gergely Budai).
Changes Changes
* Adjusting/overriding CFLAGS and LDFLAGS with the make build syste is now * Adjusting/overriding CFLAGS and LDFLAGS with the make build syste is now

1
include/mbedtls/oid.h
View File

@ -122,6 +122,7 @@
#define OID_AT_GIVEN_NAME OID_AT "\x2A" /**< id-at-givenName AttributeType:= {id-at 42} */ #define OID_AT_GIVEN_NAME OID_AT "\x2A" /**< id-at-givenName AttributeType:= {id-at 42} */
#define OID_AT_INITIALS OID_AT "\x2B" /**< id-at-initials AttributeType:= {id-at 43} */ #define OID_AT_INITIALS OID_AT "\x2B" /**< id-at-initials AttributeType:= {id-at 43} */
#define OID_AT_GENERATION_QUALIFIER OID_AT "\x2C" /**< id-at-generationQualifier AttributeType:= {id-at 44} */ #define OID_AT_GENERATION_QUALIFIER OID_AT "\x2C" /**< id-at-generationQualifier AttributeType:= {id-at 44} */
#define OID_AT_UNIQUE_IDENTIFIER OID_AT "\x2D" /**< id-at-uniqueIdentifier AttributType:= {id-at 45} */
#define OID_AT_DN_QUALIFIER OID_AT "\x2E" /**< id-at-dnQualifier AttributeType:= {id-at 46} */ #define OID_AT_DN_QUALIFIER OID_AT "\x2E" /**< id-at-dnQualifier AttributeType:= {id-at 46} */
#define OID_AT_PSEUDONYM OID_AT "\x41" /**< id-at-pseudonym AttributeType:= {id-at 65} */ #define OID_AT_PSEUDONYM OID_AT "\x41" /**< id-at-pseudonym AttributeType:= {id-at 65} */

4
library/oid.c
View File

@ -235,6 +235,10 @@ static const oid_x520_attr_t oid_x520_attr_type[] =
{ ADD_LEN( OID_DOMAIN_COMPONENT ), "id-domainComponent", "Domain component" }, { ADD_LEN( OID_DOMAIN_COMPONENT ), "id-domainComponent", "Domain component" },
"DC", "DC",
}, },
{
{ ADD_LEN( OID_AT_UNIQUE_IDENTIFIER ), "id-at-uniqueIdentifier", "Unique Identifier" },
"uniqueIdentifier",
},
{ {
{ NULL, 0, NULL, NULL }, { NULL, 0, NULL, NULL },
NULL, NULL,

14
library/rsa.c
View File

@ -282,11 +282,18 @@ int rsa_public( rsa_context *ctx,
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
} }
#if defined(POLARSSL_THREADING_C)
polarssl_mutex_lock( &ctx->mutex );
#endif
olen = ctx->len; olen = ctx->len;
MPI_CHK( mpi_exp_mod( &T, &T, &ctx->E, &ctx->N, &ctx->RN ) ); MPI_CHK( mpi_exp_mod( &T, &T, &ctx->E, &ctx->N, &ctx->RN ) );
MPI_CHK( mpi_write_binary( &T, output, olen ) ); MPI_CHK( mpi_write_binary( &T, output, olen ) );
cleanup: cleanup:
#if defined(POLARSSL_THREADING_C)
polarssl_mutex_unlock( &ctx->mutex );
#endif
mpi_free( &T ); mpi_free( &T );
@ -400,6 +407,10 @@ int rsa_private( rsa_context *ctx,
MPI_CHK( mpi_mod_mpi( &T, &T, &ctx->N ) ); MPI_CHK( mpi_mod_mpi( &T, &T, &ctx->N ) );
} }
#if defined(POLARSSL_THREADING_C)
polarssl_mutex_lock( &ctx->mutex );
#endif
#if defined(POLARSSL_RSA_NO_CRT) #if defined(POLARSSL_RSA_NO_CRT)
MPI_CHK( mpi_exp_mod( &T, &T, &ctx->D, &ctx->N, &ctx->RN ) ); MPI_CHK( mpi_exp_mod( &T, &T, &ctx->D, &ctx->N, &ctx->RN ) );
#else #else
@ -440,10 +451,11 @@ int rsa_private( rsa_context *ctx,
MPI_CHK( mpi_write_binary( &T, output, olen ) ); MPI_CHK( mpi_write_binary( &T, output, olen ) );
cleanup: cleanup:
mpi_free( &T ); mpi_free( &T1 ); mpi_free( &T2 );
#if defined(POLARSSL_THREADING_C) #if defined(POLARSSL_THREADING_C)
polarssl_mutex_unlock( &ctx->mutex );
mpi_free( &Vi_copy ); mpi_free( &Vf_copy ); mpi_free( &Vi_copy ); mpi_free( &Vf_copy );
#endif #endif
mpi_free( &T ); mpi_free( &T1 ); mpi_free( &T2 );
if( ret != 0 ) if( ret != 0 )
return( POLARSSL_ERR_RSA_PRIVATE_FAILED + ret ); return( POLARSSL_ERR_RSA_PRIVATE_FAILED + ret );

3
library/x509.c
View File

@ -380,7 +380,8 @@ static int x509_get_attr_type_value( unsigned char **p,
if( **p != ASN1_BMP_STRING && **p != ASN1_UTF8_STRING && if( **p != ASN1_BMP_STRING && **p != ASN1_UTF8_STRING &&
**p != ASN1_T61_STRING && **p != ASN1_PRINTABLE_STRING && **p != ASN1_T61_STRING && **p != ASN1_PRINTABLE_STRING &&
**p != ASN1_IA5_STRING && **p != ASN1_UNIVERSAL_STRING ) **p != ASN1_IA5_STRING && **p != ASN1_UNIVERSAL_STRING &&
**p != ASN1_BIT_STRING )
return( POLARSSL_ERR_X509_INVALID_NAME + return( POLARSSL_ERR_X509_INVALID_NAME +
POLARSSL_ERR_ASN1_UNEXPECTED_TAG ); POLARSSL_ERR_ASN1_UNEXPECTED_TAG );

37
programs/x509/cert_app.c
View File

@ -34,11 +34,22 @@
#define polarssl_printf printf #define polarssl_printf printf
#endif #endif
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \ #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_CLI_C) && \ !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \
defined(POLARSSL_NET_C) && defined(POLARSSL_RSA_C) && \ !defined(POLARSSL_NET_C) || !defined(POLARSSL_RSA_C) || \
defined(POLARSSL_X509_CRT_PARSE_C) && defined(POLARSSL_FS_IO) && \ !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \
defined(POLARSSL_CTR_DRBG_C) !defined(POLARSSL_CTR_DRBG_C)
int main( void )
{
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
"POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or "
"POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_X509_CRT_PARSE_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_CTR_DRBG_C not defined.\n");
return( 0 );
}
#else
#include "mbedtls/entropy.h" #include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h" #include "mbedtls/ctr_drbg.h"
#include "mbedtls/net.h" #include "mbedtls/net.h"
@ -48,7 +59,6 @@
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#endif
#define MODE_NONE 0 #define MODE_NONE 0
#define MODE_FILE 1 #define MODE_FILE 1
@ -84,21 +94,6 @@
" permissive=%%d default: 0 (disabled)\n" \ " permissive=%%d default: 0 (disabled)\n" \
"\n" "\n"
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \
!defined(POLARSSL_NET_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_CTR_DRBG_C)
int main( void )
{
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
"POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or "
"POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_X509_CRT_PARSE_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_CTR_DRBG_C not defined.\n");
return( 0 );
}
#else
/* /*
* global options * global options
*/ */

29
programs/x509/cert_req.c
View File

@ -33,9 +33,19 @@
#define polarssl_printf printf #define polarssl_printf printf
#endif #endif
#if defined(POLARSSL_X509_CSR_WRITE_C) && defined(POLARSSL_FS_IO) && \ #if !defined(POLARSSL_X509_CSR_WRITE_C) || !defined(POLARSSL_FS_IO) || \
defined(POLARSSL_PK_PARSE_C) && \ !defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_SHA256_C) || \
defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_CTR_DRBG_C) !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C)
int main( void )
{
polarssl_printf( "POLARSSL_X509_CSR_WRITE_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_PK_PARSE_C and/or POLARSSL_SHA256_c and/or "
"POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C "
"not defined.\n");
return( 0 );
}
#else
#include "mbedtls/x509_csr.h" #include "mbedtls/x509_csr.h"
#include "mbedtls/entropy.h" #include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h" #include "mbedtls/ctr_drbg.h"
@ -44,7 +54,6 @@
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#endif
#define DFL_FILENAME "keyfile.key" #define DFL_FILENAME "keyfile.key"
#define DFL_DEBUG_LEVEL 0 #define DFL_DEBUG_LEVEL 0
@ -80,18 +89,6 @@
" object_signing_ca\n" \ " object_signing_ca\n" \
"\n" "\n"
#if !defined(POLARSSL_X509_CSR_WRITE_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_PK_PARSE_C) || \
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C)
int main( void )
{
polarssl_printf( "POLARSSL_X509_CSR_WRITE_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_PK_PARSE_C and/or "
"POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C "
"not defined.\n");
return( 0 );
}
#else
/* /*
* global options * global options
*/ */

32
programs/x509/cert_write.c
View File

@ -33,10 +33,20 @@
#define polarssl_printf printf #define polarssl_printf printf
#endif #endif
#if defined(POLARSSL_X509_CRT_WRITE_C) && \ #if !defined(POLARSSL_X509_CRT_WRITE_C) || \
defined(POLARSSL_X509_CRT_PARSE_C) && defined(POLARSSL_FS_IO) && \ !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \
defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_CTR_DRBG_C) && \ !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C) || \
defined(POLARSSL_ERROR_C) !defined(POLARSSL_ERROR_C) || !defined(POLARSSL_SHA256_C)
int main( void )
{
polarssl_printf( "POLARSSL_X509_CRT_WRITE_C and/or POLARSSL_X509_CRT_PARSE_C and/or "
"POLARSSL_FS_IO and/or POLARSSL_SHA256_C and_or "
"POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C and/or "
"POLARSSL_ERROR_C not defined.\n");
return( 0 );
}
#else
#include "mbedtls/x509_crt.h" #include "mbedtls/x509_crt.h"
#include "mbedtls/x509_csr.h" #include "mbedtls/x509_csr.h"
#include "mbedtls/entropy.h" #include "mbedtls/entropy.h"
@ -46,7 +56,6 @@
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#endif
#if defined(POLARSSL_X509_CSR_PARSE_C) #if defined(POLARSSL_X509_CSR_PARSE_C)
#define USAGE_CSR \ #define USAGE_CSR \
@ -120,19 +129,6 @@
" object_signing_ca\n" \ " object_signing_ca\n" \
"\n" "\n"
#if !defined(POLARSSL_X509_CRT_WRITE_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C) || \
!defined(POLARSSL_ERROR_C)
int main( void )
{
polarssl_printf( "POLARSSL_X509_CRT_WRITE_C and/or POLARSSL_X509_CRT_PARSE_C and/or "
"POLARSSL_FS_IO and/or "
"POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C and/or "
"POLARSSL_ERROR_C not defined.\n");
return( 0 );
}
#else
/* /*
* global options * global options
*/ */

22
programs/x509/crl_app.c
View File

@ -33,14 +33,21 @@
#define polarssl_printf printf #define polarssl_printf printf
#endif #endif
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \ #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
defined(POLARSSL_X509_CRL_PARSE_C) && defined(POLARSSL_FS_IO) !defined(POLARSSL_X509_CRL_PARSE_C) || !defined(POLARSSL_FS_IO)
int main( void )
{
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_X509_CRL_PARSE_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
#else
#include "mbedtls/x509_crl.h" #include "mbedtls/x509_crl.h"
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#endif
#define DFL_FILENAME "crl.pem" #define DFL_FILENAME "crl.pem"
#define DFL_DEBUG_LEVEL 0 #define DFL_DEBUG_LEVEL 0
@ -51,15 +58,6 @@
" filename=%%s default: crl.pem\n" \ " filename=%%s default: crl.pem\n" \
"\n" "\n"
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_X509_CRL_PARSE_C) || !defined(POLARSSL_FS_IO)
int main( void )
{
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_X509_CRL_PARSE_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
#else
/* /*
* global options * global options
*/ */

22
programs/x509/req_app.c
View File

@ -33,14 +33,21 @@
#define polarssl_printf printf #define polarssl_printf printf
#endif #endif
#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \ #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
defined(POLARSSL_X509_CSR_PARSE_C) && defined(POLARSSL_FS_IO) !defined(POLARSSL_X509_CSR_PARSE_C) || !defined(POLARSSL_FS_IO)
int main( void )
{
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_X509_CSR_PARSE_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
#else
#include "mbedtls/x509_csr.h" #include "mbedtls/x509_csr.h"
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#endif
#define DFL_FILENAME "cert.req" #define DFL_FILENAME "cert.req"
#define DFL_DEBUG_LEVEL 0 #define DFL_DEBUG_LEVEL 0
@ -51,15 +58,6 @@
" filename=%%s default: cert.req\n" \ " filename=%%s default: cert.req\n" \
"\n" "\n"
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_X509_CSR_PARSE_C) || !defined(POLARSSL_FS_IO)
int main( void )
{
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_X509_CSR_PARSE_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
#else
/* /*
* global options * global options
*/ */

51
tests/data_files/bitstring-in-dn.pem Normal file
View File

@ -0,0 +1,51 @@
-----BEGIN CERTIFICATE-----
MIIEATCCAumgAwIBAgIBAjANBgkqhkiG9w0BAQUFADBxMRMwEQYDVQQDDApUZXN0
IENBIDAxMREwDwYDVQQIDAhFY25pdm9ycDELMAkGA1UEBhMCWFgxHjAcBgkqhkiG
9w0BCQEWD3RjYUBleGFtcGxlLmNvbTEaMBgGA1UECgwRVGVzdCBDQSBBdXRob3Jp
dHkwHhcNMTUwMzExMTIwNjUxWhcNMjUwMzA4MTIwNjUxWjCBmzELMAkGA1UEBhMC
WFgxDDAKBgNVBAoMA3RjYTERMA8GA1UECAwIRWNuaXZvcnAxDDAKBgNVBAsMA1RD
QTEPMA0GA1UEAwwGQ2xpZW50MSEwHwYJKoZIhvcNAQkBFhJjbGllbnRAZXhhbXBs
ZS5jb20xEzARBgNVBAUTCjcxMDEwMTIyNTUxFDASBgNVBC0DCwA3MTAxMDEyMjU1
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQS0JLb8Dqy8V2mszkWk
V8c/NPQcG3ivueXZHqOT9JTiPqrigGcLHtlmlaJ0aUUxix7q60aOds041TFyeknT
SUFYY4ppOhiP+fOpWKPv4ZMwhSI2XzcgYhQSNHV0lIG1we9RAAfumomDMq7oMJhb
EGf0ihibbwZXPUwBlm10GaB4K93PNY8Bz4ekBxzQ1WJkQ5LGsQnVZSuLnvp5dWSe
J2axxyY4hPXR30jzEyZvy4kv4nzAu5lqZ5XKLrRO4TKwZrtr+CCPVkPJRE36rWYt
tQaJEEpNOo0ZPpTtG6F8/tGh5r8jFx/f6wG+nyANJJ98kEP8i6TPjRrg+697mLcd
iQIDAQABo3kwdzAJBgNVHRMEAjAAMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9j
cmwuZXhhbXBsZS5jb20vdGVzdF9jYV8wMS5jcmwwEwYDVR0lBAwwCgYIKwYBBQUH
AwIwHQYDVR0RBBYwFIESY2xpZW50QGV4YW1wbGUuY29tMA0GCSqGSIb3DQEBBQUA
A4IBAQBySELCnU8/PtGIG3dwhJENOSU5R7w8jpRXxHCuSBR+W6nuUCISz+z+EdF/
A7AOJDASuS+4gkrSSmQhGFpf7E5VbF8trVZhLAZrXqKMcUreKH6v0I8MAUXmIs3G
tqiBGf7pSYJN9DvVOOgANjdy6THuUzYv5qSvBZ4pNYEfHSlMNrV7niynd8dgPOML
pA7GUfv5k2mMkMbSD15pTMgcavrBKYgyqcvF1C3qghfoL5+i38H8sKzF8hy7wHtE
ESHtBq20RYA3m0UcA0e64GcanO2Ps/AQVBc7qMeHbqnqj3uUhtTkQcMUWnMgy1NR
5RbzoLMOxq7hoOCyIaQeM/wgxeGE
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAnQS0JLb8Dqy8V2mszkWkV8c/NPQcG3ivueXZHqOT9JTiPqri
gGcLHtlmlaJ0aUUxix7q60aOds041TFyeknTSUFYY4ppOhiP+fOpWKPv4ZMwhSI2
XzcgYhQSNHV0lIG1we9RAAfumomDMq7oMJhbEGf0ihibbwZXPUwBlm10GaB4K93P
NY8Bz4ekBxzQ1WJkQ5LGsQnVZSuLnvp5dWSeJ2axxyY4hPXR30jzEyZvy4kv4nzA
u5lqZ5XKLrRO4TKwZrtr+CCPVkPJRE36rWYttQaJEEpNOo0ZPpTtG6F8/tGh5r8j
Fx/f6wG+nyANJJ98kEP8i6TPjRrg+697mLcdiQIDAQABAoIBAF7i3MnjGmbz080v
OxJb23iAG54wdlvTjr3UPGTbjSmcXyxnsADQRFQcJHYAekCzY8EiqewL80OvuMx8
2SU1P81hA70Dg5tsBHWT3Z6HUwsKG6QYjKr1cUhTwLyazhyAVgogSN6v7GzO9M3I
DOBw8Xb0mz5oqGVre4S7TapN8n8ZG5oWm0XKGACXy0KbzY0KvWdkUzumFQ8X/ARE
FsWyu+O69EbMqZRUKu45SrcubsdVGjOwseZHkmp5V6pc6Q/OrTHZqXJtDva5UIRq
+Lof5scy9jiwwRnM/klvh23mz0ySU4YA3645m5KqyWR4YJCR1MnMANmXUSeYWfYz
19+R1gECgYEAzm83lI7eIhTH38H0/jFpf3R7vNjPX3TR5waa4EXsCxhTOpoL89mR
iNmzH0aOC4OR8rz/9PCnwmtH1lyQ4r/RokBmCp3pBxeWSlenFfV3rLCeEDo0Q/OL
SX5DL4IbZD0VmNDt606WS7AEv93GhpN03Anw6kgHQUm1l030PR9DYZECgYEAwrgO
/RyB/Ehw7smlysZb2sn1lvd6z8fg+pcu8ZNRKODaYCCOb8p1lnHrnIQdEmjhlmVp
HAEuJ5jxCb+lyruV+dlx+0W/p6lHtKr0iBHG8EFkHnjN6Y+59Qu0HfSm0pZw7Ftr
QcUDPuDJkTVUAvrZqciWlwzTWCC9KYXtasT+AHkCgYEAnP80dAUbpyvKvr/RxShr
JYW/PWZegChmIp+BViOXWvDLC3xwrqm+5yc59QVBrjwH2WYn+26zB0dzwPFxNyHP
GuiDMnvZ54zmve9foXGn7Gv+KjU53pvwSJqAGjeHAXr7W9c5uoVwBGv/kLPn8h1e
+KGO2X6iFeMq+cFNiNan9iECgYBj+oGnsKWFVeS2ls8LyMGNGzmAZF2opiZ8RHgU
DeIULS+zP8Qi3j92GdQyLxuGQlfiEvvfJzP9nOfWa5LC/4JIIUAHFo8LlT1+JHEe
FJKi9dBkXP7NN8DxcyruXpnxctFUarQttuytslmMt2cFiKuOI7I+qJUzoMu/sEZx
FeidcQKBgQCuralmtbl4nxjn3aR/ZgFTAKCL9WaJPh5hFJ9q4UuWxJdBX5z3Ey3/
70ehLKYPumjmZtXynzz4BTWj1W9X+tgj/499uzV6LdQERGjT6WVy8xR9RELWW0an
N9N1IAc4qTSjbI4EIMwMBSAoFfCux/jfDkG4g+RDnpV92sqxz2CtKg==
-----END RSA PRIVATE KEY-----

4
tests/suites/test_suite_x509parse.data
View File

@ -110,6 +110,10 @@ X509 Certificate information EC signed by RSA
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP192R1_ENABLED depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP192R1_ENABLED
x509_cert_info:"data_files/server3.crt":"cert. version \: 3\nserial number \: 0D\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-08-09 09\:17\:03\nexpires on \: 2023-08-07 09\:17\:03\nsigned using \: RSA with SHA1\nEC key size \: 192 bits\nbasic constraints \: CA=false\n" x509_cert_info:"data_files/server3.crt":"cert. version \: 3\nserial number \: 0D\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-08-09 09\:17\:03\nexpires on \: 2023-08-07 09\:17\:03\nsigned using \: RSA with SHA1\nEC key size \: 192 bits\nbasic constraints \: CA=false\n"
X509 Certificate information Bitstring in subject name
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C
x509_cert_info:"data_files/bitstring-in-dn.pem":"cert. version \: 3\nserial number \: 02\nissuer name \: CN=Test CA 01, ST=Ecnivorp, C=XX, emailAddress=tca@example.com, O=Test CA Authority\nsubject name \: C=XX, O=tca, ST=Ecnivorp, OU=TCA, CN=Client, emailAddress=client@example.com, serialNumber=7101012255, uniqueIdentifier=?7101012255\nissued on \: 2015-03-11 12\:06\:51\nexpires on \: 2025-03-08 12\:06\:51\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nsubject alt name \: \next key usage \: TLS Web Client Authentication\n"
X509 certificate v1 with extension X509 certificate v1 with extension
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C:POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3 depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C:POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3
x509_cert_info:"data_files/cert_v1_with_ext.crt":"cert. version \: 1\nserial number \: BD\:ED\:44\:C7\:D2\:3E\:C2\:A4\nissuer name \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nsubject name \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nissued on \: 2013-07-04 16\:17\:02\nexpires on \: 2014-07-04 16\:17\:02\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nsubject alt name \: identity-check.org, www.identity-check.org\n" x509_cert_info:"data_files/cert_v1_with_ext.crt":"cert. version \: 1\nserial number \: BD\:ED\:44\:C7\:D2\:3E\:C2\:A4\nissuer name \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nsubject name \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nissued on \: 2013-07-04 16\:17\:02\nexpires on \: 2014-07-04 16\:17\:02\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nsubject alt name \: identity-check.org, www.identity-check.org\n"